| 0,0 → 1,51 |
|---|
| <?php |
| session_start(); |
| #required when using sessions to put that at the top of each page |
| |
| include 'shoutfunctions.php'; |
| #used for dbinsans |
| |
| include 'shoutoptions.php'; |
| #used for database vars |
| |
| |
| mysql_connect("$dbHost", "$dbUser", "$dbPass") or die("Unable to connect!"); |
| #connect |
| |
| |
| mysql_select_db ($dbname); |
| #select the database |
| |
| $PW = md5(dbinsans($_POST['password'])); |
| #md5 encryption on password |
| |
| $User = dbinsans($_POST['username']); |
| #only does the hacker hole closing on username |
| |
| $result = mysql_query("SELECT * FROM ShoutAdmin WHERE username='$User' AND password='$PW'"); |
| #creates and executes query returns result |
| |
| $row =mysql_fetch_array($result); |
| #fetches a row |
| |
| |
| if ($row['password']!= md5($_POST['password'])){ |
| #if the passwords don't match |
| } else { |
| $r=1; |
| #we're using it to tell we got a match |
| |
| $_SESSION['username'] = $row['username']; |
| #set the session variable username to the users name |
| |
| $_SESSION['password'] = $row['password']; |
| #set the session variable password to the users password |
| |
| $_SESSION['level'] = $row['level']; |
| #set the session variable level to the level |
| } |
| if ($r!=1) |
| echo 'Sorry, your password is incorrect. Remember, it\'s case sensitive.'; |
| else |
| echo 'Thank you for logging in, <a href="ShoutAdmin.php">Click Here</a> to continue.'; |
| ?> |